This document describes the functional requirements of a Security Management System (SMS) that offers a centralized view for control and security oversight of a Telecommunications Service Provider's (TSP's) infrastructure. The SMS spans the management of the Management Security Plane, the Control Security Plane, and the End-User Security Plane. The TSP's infrastructure spans, at a minimum: • Application servers (e.g., servers for mail, instant messaging, database, web, file, Voice over IP (VoIP) and other applications); • Support servers (e.g., DNS [b-IETF RFC 2181], DHCP [b-IETF RFC 2131], NTP [b-IETF RFC 1305], backup, and other infrastructure support services); • Internetworking/transport components (e.g., multiplexers, switches, routers, transport gateways, application gateways, gateway controllers, packet-filters a.k.a. firewalls, content filters, access points, bridges, wired and wireless telephony devices and monitoring probes for QoS, and network activity, to name a few); • End user host systems (e.g., laptop systems, desk-top systems, workstations, printers, etc.); and • Management systems (e.g., element management, network management, service management, and business management systems). All of the above entities are referred to in this document as Managed Elements (MEs) from a security management perspective. The requirements specified in this document should be applicable to a TSP’s current infrastructure and also infrastructure evolution necessary for building their Next Generation Networks (NGNs) (see [ITU-T Y.2001] and [ITU-T Y.2012]). This recommendation draws on an ATIS standard [ATIS 0300074.2006] as a major source of information and text. A key aspect of this recommendation is that it defines a logical architecture and set of functionality independent of physical implementation. Functionality is defined in terms of functional entities, their logical relationships as well as aggregation of Functional Entities (FEs) into Functional Groups (FGs). Deployment and implementation of these FEs and FGs, within an infrastructure, can take many forms, such as centralized, hierarchical, distributed, or some combination of these. This Recommendation takes no stand as to implementation of FEs and FGs in so far as implementation decisions do not have security related ramifications. The detailed description of the interactions between FGs is not described in this specification. Annex A contains a normative Proforma wherein specific SMS requirements are documented. Appendices I, II and III are informative and cover: Appendix I: The relationship between the SMS and the security concepts covered in [ITU-T X.800]. Appendix II: The relationship between the SMS and other TSP Management systems and frameworks. Appendix III: The structure and organization of NGN networks and their growing complexity.
ITU-T M.3410-2008由国际电信联盟 IX-ITU 发布于 2008-08-01。
ITU-T M.3410-2008 在中国标准分类中归属于: M09 卫生、安全、劳动保护。
Copyright ©2007-2022 ANTPEDIA, All Rights Reserved
京ICP备07018254号 京公网安备1101085018 电信与信息服务业务经营许可证:京ICP证110310号